Security Incidents mailing list archives

Re: pimpshiz / put i.txt

From: "Cashdollar, Larry" <larry.cashdollar () AKAMAI COM>
Date: Mon, 9 Oct 2000 13:18:42 -0400

I have spoken to pimpshiz, and he DOES NOT use the RDS' sploit.  He does

use

a 0day, but I am unsure of it's nature.  He has defaced all IIS/NT servers,
so that at least narrows it down.  More logs would be nice though.



If pimpshiz has a 0 day exploit for IIS/NT 4.0 Why is he defacing these no
name sites?
If we look at attrition I see the sites he has defaced are low profile.  If
I take a look at netcraft I see that IIS/NT 4.0 is also being used by nasdaq
and the NFL.  It is my guess that he has a customized RDS' script which he
probably tweaked a little and calls it 0 day.

Current thread:

pimpshiz / put i.txt Rewt, Kit (Oct 04)
- Re: pimpshiz / put i.txt Jonathan Rickman (Oct 04)
- <Possible follow-ups>
- Re: pimpshiz / put i.txt Steve (Oct 05)
- Re: pimpshiz / put i.txt Larimer, Jon (ISSAtlanta) (Oct 05)
- Re: pimpshiz / put i.txt Tony Turk (Oct 06)
  - Re: pimpshiz / put i.txt Jason Witty (Oct 06)
    - Re: pimpshiz / put i.txt Steve (Oct 10)
- Re: pimpshiz / put i.txt Cashdollar, Larry (Oct 10)
- Re: pimpshiz / put i.txt Abe Getchell (Oct 11)